Saturday 17 December 2016

Evolving scams

Scams are like diseases. They very rarely disappear but occasionally there are success stories. Smallpox has been completely eradicated and with luck in the near future polio and malaria will disappear as well. We’re not doing as well with scams.

There are still people receiving the traditional “419” scam which usually starts with a plea for assistance from a young woman in West Africa who tells a sad story about being orphaned and alone, sometimes in a refugee camp, but who has a massive inheritance in a bank account in another country and that she needs assistance in liberating that money. In return for that help the victim is offered a share of the supposed fortune.

Of course, none of this is true. There is no fortune, there isn’t even an orphaned girl. It’s all about the money the scammers sending the emails will eventually demand from the victim. After announcing that there’s some fee to be paid to facilitate the payment, they’ll raise the pressure on the victim until they pay up, then demanding further payments until either the victim realises they’re being scammed or they simply run out of money.

Most of us know about these scams now but not all of us. That’s why the emails are still being sent and gullible victims are still handing over their money.

But why do people fall for it? In particular why do they fall for the ridiculous story about the fortune in the bank?

Cormac Herley, a researcher employed by Microsoft, wrote a paper in 2012 (link to pdf document) entitled “Why do Nigerian scammers say they are from Nigeria?” that examined these scams. He wrote:
“An email with tales of fabulous amounts of money and West African corruption will strike all but the most gullible as bizarre. It will be recognized and ignored by anyone who has been using the Internet long enough to have seen it several times. It will be figured out by anyone savvy enough to use a search engine […] It won’t be pursued by anyone who consults sensible family or friends, or who reads any of the advice banks and money transfer agencies make available.”
Given that the scammers send these ridiculous emails to thousands, perhaps even millions of potential victims, how can they ensure that the ones who respond are most likely to be the ones who will end up coughing up their cash? You might think that they could do this best by constructing a story that is believable as possible but that’s not correct. If they did that, Herley’s research shows, the scammers would have to manage an enormous number of responses. Most of the less gullible people would eventually realise that there was something suspicious going on.

In fact, the best way to maximise their successful response rate, to get the highest proportion of victims to cough up cash, is to make the story as stupid as possible. If they do that, then only the MOST gullible people will respond. The people likely to respond to those emails are the ones worth the scammer’s time. Make the first email as stupid as possible and the victims will select themselves.

As Herley said:
“The initial email is effectively the attacker’s classifier: it determines who responds, and thus who the scammer attacks (i.e., enters into email conversation with). The goal of the email is not so much to attract viable users as to repel the non-viable ones, who greatly outnumber them.”
It’s very easy to think that these scams don’t happen any more, that scammers have moved on to other ways of parting the gullible minority from their money. This is true to an extent, scammers have evolved, they’ve moved into recruitment and immigration scams, they’ve set up fake educational establishments, they’ve broadened their portfolio in the same way any successful business would. But they haven’t abandoned their roots, their core business remains the same, mainly because it can be so horribly profitable for them if they get it right.

The problem is that the organized crime organizations behind these scams are smart. They know that despite the few remaining gullible victims more and more of us are aware how these things work. So they’ve been forced to evolve. It’s therefore no surprise that the biggest risks these days are pyramid and Ponzi schemes.

We’ve warned people repeatedly about recent scams such as MMM Global, Helping Hands International, Monitec Society and the variety of schemes pretending to have some connection to the Bitcoin digital currency. Scams like Billcoin and Bitclub Network are actively trying to recruit people right now as you read this.

But there’s a constant stream of new scams emerging. Just days ago someone alerted us to another calling itself Cryptowealth. Their web site says that the scheme is
“the worlds first fully automated rotating donation social network marketing plan taking members into two platforms earning millions with only a once-off starting donation of $25 and four referrals”
You can see the clues there. Phrases like “rotating donation” suggests a Ponzi scheme and “four referrals” suggests a pyramid scheme. And it’s not $25 to join here in Botswana. Here they want more, P500 to be precise.

But do they even try to explain how they make new money? How you can make money if you’re gullible enough to pay your P500 to join? This is as close as they get:
"Unfortunately, the world is full of “parasites” who live off the ideas of other people. For that reason, the real method of how all will work will be held back".
Is it necessary for me to warn people about this? Cryptowealth is a scam and anyone foolish enough to pay to join it with hopes of making money from it will be sadly disappointed. And poorer.

We all need to keep ourselves thoroughly educated and aware of the risks posed by scams like Cryptowealth. It’s then the job of all of us to spread the word to the people we care about.

No comments: